<?php
if (!defined("_INDEX")) { header("Location: /"); die; }

$what = UV::readMQ(strip_tags($route->POST('what')));
$user_id = $user->getUserId();

function changeAva($user_id){
	if (isset($_FILES['avatar']['tmp_name']) && $_FILES['avatar']['tmp_name'] != "")
	{
		$path = MAIN_DIR.DS."files".DS."img".DS."users".DS.$user_id;
		if (resizeImg($_FILES['avatar']['tmp_name'],200,200,$path."_big.jpg"))
			resizeImg($_FILES['avatar']['tmp_name'],75,75,$path."_small.jpg");
	}
}

switch ($what){
	case "avatar": 		changeAva($user_id); break;
	case "birthdate":	$birthdate = strtotime(strip_tags($route->POST("birthdate")));
						if ($db->sendQuery("update `users` set `birthdate`='$birthdate' where `user_id` = '$user_id' limit 1"))
							goToPage("/cabinet/profile/?birthdate=success");
						goToPage("/cabinet/profile/?birthdate=fail");
						break;
	case "city": 		$city = UV::readInt(strip_tags($route->POST("city")));
						if ($db->sendQuery("update `users` set `city_id`='$city' where `user_id` = '$user_id' limit 1"))
							goToPage("/cabinet/profile/?city=success");
						goToPage("/cabinet/profile/?city=fail");
						break;
	case "about": 		$about = UV::readMQ(strip_tags($route->POST("about")));
						if ($db->sendQuery("update `users` set `about`='$about' where `user_id` = '$user_id' limit 1"))
							goToPage("/cabinet/profile/?about=success");
						goToPage("/cabinet/profile/?about=fail");
						break;
	case "sex":			$sex = UV::readMQ(strip_tags($route->POST("sex")));
						if ($db->sendQuery("update `users` set `sex`='$sex' where `user_id` = '$user_id' limit 1"))
							goToPage("/cabinet/profile/?sex=success");
						goToPage("/cabinet/profile/?sex=fail");
						break;
	case "password":	$oldpass = md5($route->POST("oldpass"));
						$newpass = md5($route->POST("newpass"));
						$newpass_repeat = md5($route->POST("newpass_repeat"));
						$is_right = $db->getCell("select `user_id` from `users` where MD5(CONCAT('$oldpass',`salt`)) = `password` and `user_id` = '$user_id' limit 1");
						if (!$is_right)
							goToPage("/cabinet/profile/?password=oldpass");
						if ($newpass != $newpass_repeat)
							goToPage("/cabinet/profile/?password=repeat");
						$salt = randString(4,"HszQaJpFAEWufwkLhGgbVCxZ1234567890");
						$new_password = md5($newpass.$salt);
						$db->sendQuery("update `users` set `password`='$new_password',`salt` = '$salt' where `user_id` = '$user_id' limit 1");
						goToPage("/cabinet/profile/?password=success");
						break;
}

goToPage("/cabinet/profile/");

?>